--- /dev/null
+From 8c8a3b5bd960cd88f7655b5251dc28741e11f139 Mon Sep 17 00:00:00 2001
+From: Peter Collingbourne <pcc@google.com>
+Date: Wed, 15 Sep 2021 12:03:35 -0700
+Subject: arm64: add MTE supported check to thread switching and syscall entry/exit
+
+From: Peter Collingbourne <pcc@google.com>
+
+commit 8c8a3b5bd960cd88f7655b5251dc28741e11f139 upstream.
+
+This lets us avoid doing unnecessary work on hardware that does not
+support MTE, and will allow us to freely use MTE instructions in the
+code called by mte_thread_switch().
+
+Since this would mean that we do a redundant check in
+mte_check_tfsr_el1(), remove it and add two checks now required in its
+callers. This also avoids an unnecessary DSB+ISB sequence on the syscall
+exit path for hardware not supporting MTE.
+
+Fixes: 65812c6921cc ("arm64: mte: Enable async tag check fault")
+Cc: <stable@vger.kernel.org> # 5.13.x
+Signed-off-by: Peter Collingbourne <pcc@google.com>
+Link: https://linux-review.googlesource.com/id/I02fd000d1ef2c86c7d2952a7f099b254ec227a5d
+Link: https://lore.kernel.org/r/20210915190336.398390-1-pcc@google.com
+[catalin.marinas@arm.com: adjust the commit log slightly]
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/arm64/include/asm/mte.h | 6 ++++++
+ arch/arm64/kernel/mte.c | 10 ++++------
+ 2 files changed, 10 insertions(+), 6 deletions(-)
+
+--- a/arch/arm64/include/asm/mte.h
++++ b/arch/arm64/include/asm/mte.h
+@@ -105,11 +105,17 @@ void mte_check_tfsr_el1(void);
+
+ static inline void mte_check_tfsr_entry(void)
+ {
++ if (!system_supports_mte())
++ return;
++
+ mte_check_tfsr_el1();
+ }
+
+ static inline void mte_check_tfsr_exit(void)
+ {
++ if (!system_supports_mte())
++ return;
++
+ /*
+ * The asynchronous faults are sync'ed automatically with
+ * TFSR_EL1 on kernel entry but for exit an explicit dsb()
+--- a/arch/arm64/kernel/mte.c
++++ b/arch/arm64/kernel/mte.c
+@@ -173,12 +173,7 @@ bool mte_report_once(void)
+ #ifdef CONFIG_KASAN_HW_TAGS
+ void mte_check_tfsr_el1(void)
+ {
+- u64 tfsr_el1;
+-
+- if (!system_supports_mte())
+- return;
+-
+- tfsr_el1 = read_sysreg_s(SYS_TFSR_EL1);
++ u64 tfsr_el1 = read_sysreg_s(SYS_TFSR_EL1);
+
+ if (unlikely(tfsr_el1 & SYS_TFSR_EL1_TF1)) {
+ /*
+@@ -221,6 +216,9 @@ void mte_thread_init_user(void)
+
+ void mte_thread_switch(struct task_struct *next)
+ {
++ if (!system_supports_mte())
++ return;
++
+ /*
+ * Check if an async tag exception occurred at EL1.
+ *
x86-setup-call-early_reserve_memory-earlier.patch
thermal-drivers-int340x-do-not-set-a-wrong-tcc-offset-on-resume.patch
irqchip-armada-370-xp-fix-ack-eoi-breakage.patch
+arm64-add-mte-supported-check-to-thread-switching-and-syscall-entry-exit.patch
+usb-serial-cp210x-fix-dropped-characters-with-cp2102.patch
+software-node-balance-refcount-for-managed-software-nodes.patch
--- /dev/null
+From 5aeb05b27f81269a2bf2e15eab9fc0f9a400d3a8 Mon Sep 17 00:00:00 2001
+From: Laurentiu Tudor <laurentiu.tudor@nxp.com>
+Date: Wed, 15 Sep 2021 11:09:39 +0300
+Subject: software node: balance refcount for managed software nodes
+
+From: Laurentiu Tudor <laurentiu.tudor@nxp.com>
+
+commit 5aeb05b27f81269a2bf2e15eab9fc0f9a400d3a8 upstream.
+
+software_node_notify(), on KOBJ_REMOVE drops the refcount twice on managed
+software nodes, thus leading to underflow errors. Balance the refcount by
+bumping it in the device_create_managed_software_node() function.
+
+The error [1] was encountered after adding a .shutdown() op to our
+fsl-mc-bus driver.
+
+[1]
+pc : refcount_warn_saturate+0xf8/0x150
+lr : refcount_warn_saturate+0xf8/0x150
+sp : ffff80001009b920
+x29: ffff80001009b920 x28: ffff1a2420318000 x27: 0000000000000000
+x26: ffffccac15e7a038 x25: 0000000000000008 x24: ffffccac168e0030
+x23: ffff1a2428a82000 x22: 0000000000080000 x21: ffff1a24287b5000
+x20: 0000000000000001 x19: ffff1a24261f4400 x18: ffffffffffffffff
+x17: 6f72645f726f7272 x16: 0000000000000000 x15: ffff80009009b607
+x14: 0000000000000000 x13: ffffccac16602670 x12: 0000000000000a17
+x11: 000000000000035d x10: ffffccac16602670 x9 : ffffccac16602670
+x8 : 00000000ffffefff x7 : ffffccac1665a670 x6 : ffffccac1665a670
+x5 : 0000000000000000 x4 : 0000000000000000 x3 : 00000000ffffffff
+x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff1a2420318000
+Call trace:
+ refcount_warn_saturate+0xf8/0x150
+ kobject_put+0x10c/0x120
+ software_node_notify+0xd8/0x140
+ device_platform_notify+0x4c/0xb4
+ device_del+0x188/0x424
+ fsl_mc_device_remove+0x2c/0x4c
+ rebofind sp.c__fsl_mc_device_remove+0x14/0x2c
+ device_for_each_child+0x5c/0xac
+ dprc_remove+0x9c/0xc0
+ fsl_mc_driver_remove+0x28/0x64
+ __device_release_driver+0x188/0x22c
+ device_release_driver+0x30/0x50
+ bus_remove_device+0x128/0x134
+ device_del+0x16c/0x424
+ fsl_mc_bus_remove+0x8c/0x114
+ fsl_mc_bus_shutdown+0x14/0x20
+ platform_shutdown+0x28/0x40
+ device_shutdown+0x15c/0x330
+ __do_sys_reboot+0x218/0x2a0
+ __arm64_sys_reboot+0x28/0x34
+ invoke_syscall+0x48/0x114
+ el0_svc_common+0x40/0xdc
+ do_el0_svc+0x2c/0x94
+ el0_svc+0x2c/0x54
+ el0t_64_sync_handler+0xa8/0x12c
+ el0t_64_sync+0x198/0x19c
+---[ end trace 32eb1c71c7d86821 ]---
+
+Fixes: 151f6ff78cdf ("software node: Provide replacement for device_add_properties()")
+Reported-by: Jon Nettleton <jon@solid-run.com>
+Suggested-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
+Reviewed-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
+Signed-off-by: Laurentiu Tudor <laurentiu.tudor@nxp.com>
+Cc: 5.12+ <stable@vger.kernel.org> # 5.12+
+[ rjw: Fix up the software_node_notify() invocation ]
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/base/swnode.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/drivers/base/swnode.c
++++ b/drivers/base/swnode.c
+@@ -1113,6 +1113,9 @@ int device_create_managed_software_node(
+ to_swnode(fwnode)->managed = true;
+ set_secondary_fwnode(dev, fwnode);
+
++ if (device_is_registered(dev))
++ software_node_notify(dev, KOBJ_ADD);
++
+ return 0;
+ }
+ EXPORT_SYMBOL_GPL(device_create_managed_software_node);
--- /dev/null
+From c32dfec6c1c36bbbcd5d33e949d99aeb215877ec Mon Sep 17 00:00:00 2001
+From: Johan Hovold <johan@kernel.org>
+Date: Wed, 22 Sep 2021 13:30:59 +0200
+Subject: USB: serial: cp210x: fix dropped characters with CP2102
+
+From: Johan Hovold <johan@kernel.org>
+
+commit c32dfec6c1c36bbbcd5d33e949d99aeb215877ec upstream.
+
+Some CP2102 do not support event-insertion mode but return no error when
+attempting to enable it.
+
+This means that any event escape characters in the input stream will not
+be escaped by the device and consequently regular data may be
+interpreted as escape sequences and be removed from the stream by the
+driver.
+
+The reporter's device has batch number DCL00X etched into it and as
+discovered by the SHA2017 Badge team, counterfeit devices with that
+marking can be detected by sending malformed vendor requests. [1][2]
+
+Tests confirm that the possibly counterfeit CP2102 returns a single byte
+in response to a malformed two-byte part-number request, while an
+original CP2102 returns two bytes. Assume that every CP2102 that behaves
+this way also does not support event-insertion mode (e.g. cannot report
+parity errors).
+
+[1] https://mobile.twitter.com/sha2017badge/status/1167902087289532418
+[2] https://hackaday.com/2017/08/14/hands-on-with-the-shacamp-2017-badge/#comment-3903376
+
+Reported-by: Malte Di Donato <malte@neo-soft.org>
+Tested-by: Malte Di Donato <malte@neo-soft.org>
+Fixes: a7207e9835a4 ("USB: serial: cp210x: add support for line-status events")
+Cc: stable@vger.kernel.org # 5.9
+Link: https://lore.kernel.org/r/20210922113100.20888-1-johan@kernel.org
+Signed-off-by: Johan Hovold <johan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/usb/serial/cp210x.c | 35 +++++++++++++++++++++++++++++++++++
+ 1 file changed, 35 insertions(+)
+
+--- a/drivers/usb/serial/cp210x.c
++++ b/drivers/usb/serial/cp210x.c
+@@ -259,6 +259,7 @@ struct cp210x_serial_private {
+ speed_t max_speed;
+ bool use_actual_rate;
+ bool no_flow_control;
++ bool no_event_mode;
+ };
+
+ enum cp210x_event_state {
+@@ -1113,12 +1114,16 @@ static void cp210x_change_speed(struct t
+
+ static void cp210x_enable_event_mode(struct usb_serial_port *port)
+ {
++ struct cp210x_serial_private *priv = usb_get_serial_data(port->serial);
+ struct cp210x_port_private *port_priv = usb_get_serial_port_data(port);
+ int ret;
+
+ if (port_priv->event_mode)
+ return;
+
++ if (priv->no_event_mode)
++ return;
++
+ port_priv->event_state = ES_DATA;
+ port_priv->event_mode = true;
+
+@@ -2098,6 +2103,33 @@ static void cp210x_init_max_speed(struct
+ priv->use_actual_rate = use_actual_rate;
+ }
+
++static void cp2102_determine_quirks(struct usb_serial *serial)
++{
++ struct cp210x_serial_private *priv = usb_get_serial_data(serial);
++ u8 *buf;
++ int ret;
++
++ buf = kmalloc(2, GFP_KERNEL);
++ if (!buf)
++ return;
++ /*
++ * Some (possibly counterfeit) CP2102 do not support event-insertion
++ * mode and respond differently to malformed vendor requests.
++ * Specifically, they return one instead of two bytes when sent a
++ * two-byte part-number request.
++ */
++ ret = usb_control_msg(serial->dev, usb_rcvctrlpipe(serial->dev, 0),
++ CP210X_VENDOR_SPECIFIC, REQTYPE_DEVICE_TO_HOST,
++ CP210X_GET_PARTNUM, 0, buf, 2, USB_CTRL_GET_TIMEOUT);
++ if (ret == 1) {
++ dev_dbg(&serial->interface->dev,
++ "device does not support event-insertion mode\n");
++ priv->no_event_mode = true;
++ }
++
++ kfree(buf);
++}
++
+ static int cp210x_get_fw_version(struct usb_serial *serial, u16 value)
+ {
+ struct cp210x_serial_private *priv = usb_get_serial_data(serial);
+@@ -2123,6 +2155,9 @@ static void cp210x_determine_quirks(stru
+ int ret;
+
+ switch (priv->partnum) {
++ case CP210X_PARTNUM_CP2102:
++ cp2102_determine_quirks(serial);
++ break;
+ case CP210X_PARTNUM_CP2102N_QFN28:
+ case CP210X_PARTNUM_CP2102N_QFN24:
+ case CP210X_PARTNUM_CP2102N_QFN20:
projects / thirdparty / kernel / stable-queue.git / commitdiff
